Two new vulnerabilities found in the Linux Kernel

Linux heads will want to know about two new vulnerabilities found in the Linux Kernel. The first refers to an integer overflow error within the "do_replace()" function in Netfilter. This can be used to cause a buffer overflow. The second, an insufficient memory allocation in "drivers/usb/gadget/rndis.c" when handling NDIS response to OID_GEN_SUPPORTED_LIST, can cause a kernel memory corruption. The solution in both cases is to upgrade to Kernel 2.6.16, which does not have this issue.